package com.test.gpa.security.config;

import com.test.gpa.security.Impl.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

/**
 * 自定义权限认证
 */
@Component("ex")
public class SGExpressionRoot {
    public boolean hasAuthority(String authority) {
           //获取令牌认证对象
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();//
        List<String> permissions = loginUser.getPermissions();//登录后的对象中存储的权限集合
        if(authority.equals("logout")){
            return true;
        }
        return permissions.contains(authority);
    }
}
